External SMTP Server & GSuite?

Installation seems like the most relevant place to post this, let me know if otherwise.

I’m having trouble configuring SMTP settings, we’re using GSuite. I found a couple of tutorials and they’re all basically the same, add your mail server, username and password, and encryption type and corresponding port. This doesn’t work, encountering the below error using SSL or TLS:

The following error was found while trying to send the test email:
Could not open socket: stream_socket_client(): unable to connect to tcp://smtp.gmail.com:587 (Network is unreachable)

Does anyone know if there’s a different way to configure SMTP settings when using a GSuite account?

Update1: Looks like Google disabled Password-based access on February 15, 2021, GSuite accounts only allow access to apps using OAuth. I take it Concrete CMS does not yet support OAuth? Couldn’t find an add-on either…

You have to create an app password in GSuite I believe and use it instead of your normal password. That’s what you would do if, for instance, you had 2 factor authentication enabled in Google.

I think this article on my blog might help you: https://www.kalmoya.com/articles/send-emails-concrete5-using-gmail-smtp-server

1 Like

This advice is a bit side-tracked.

But if GSuite doesn’t work, I recommend to use AWS SES (Simple Email Service) or SendGrid.

AWS SES is very cost effective. You can send upto 62,000 email per month for free.
It’s a bit troublesome to set-it up.

But if you are good at setting up DNS records, it should be smooth. AWS SES gives you SMTP credentials. You can set it to your Concrete easily.

You don’t need to host your Concrete on AWS server either.

1 Like

I enabled Less secure app access on the account, but still no cigar…

1 Like

Already paying for GSuite, paying for AWS SES defeats the purpose.

Thus far I’ve tried multiple configurations settings none of them worked, tried using SSL and the corresponding port (who still uses SSL?), enabled SMTP relay functionality in GSuite, enabled Less Secure App Access, nothing’s working. I for sure thought Less Secure App access was the ticket. I’m stumped.

See if the answer here can be of help (last message on the thread) Unable to send mail using External SMTP - concrete5

2 Likes

Thanks for that @mnakalay, I’m suspecting something similar whereby my hosting provider is not allowing outbound SMTP requests on the subdomain, though WP is working via an add-on and shares the same hosting account. Perhaps it could be a domain specific thing… I have a ticket in with Support requesting a way for me to isolate a possible outbound SMTP connectivity issue, we’ll see where that goes.

Glad the old forums are accessible again, I’ll reply back when I’ve made some progress. I appreciate the help, thanks all.

Alright… Hosting confirmed outbound SMTP connectivity is functioning correctly, server is able to successfully establish an SMTP connection to GSuite. So back to the drawing board, I figured this would work once less secure apps was enabled. Now however I’m starting to think OAuth is the only way, anyone out there gotten Concrete External SMTP to work using GSuite?

What I can say is, at the time I wrote that article, I tested it and it worked. I don’t think anything has changed since.

One of my customers used that article to connect a site a few months ago. He didn’t report any issues.
(I wasn’t involved in configuring the connection, so don’t have direct experience)

My general observation of gmail is that as a service it prefers to talk to other gmail. Anything else and it errs aggressively on the side of caution, black-holeing any message it doesn’t like for nefarious reasons only known to gmail.

I’m still troubleshooting this issue, but I’m utterly stumped. I enabled SMTP Relay settings on GSuite using user auth as the only authentication mechanism but I’m still not able to login. I’m back to wondering if Concrete is even making requests, does anyone know if the Concrete error message (below) is the same regardless of the issue encountered?

The following error was found while trying to send the test email:
Could not open socket: stream_socket_client(): unable to connect to tcp://smtp-relay.gmail.com:587 (Network is unreachable)

How about enabling debug mode, would that help?

After multiple different tests including one with Google Support I’m back to believing the behavior I’m experiencing is due to Concretes inability to establish a TCP connection. The issue now is determining where the fault lies, either with Concrete CMS and something to do with the PHP’s stream_socket_client, or something having to do with our hosting server or account.

After a troubleshooting sessions with Google Support we’ve concluded that google is not receiving any of our STMP requests. Additionally, looking again at this archive post I noticed a slight difference between our two errors. Whereas the error I’m encountering terminates with Network is unreachable, the original post terminates with Connection timed out. Perhaps I’m reading too much into it, but that’s where I’m at.

Working with our Hosting provider has not been fruitful, they’ve concluded that there’s no error on their end as evidenced by the fact they’re able to establish a Telnet session to the googles SMTP address without issues from our hosting server.

image

To compound the problem further, when switching to PHP Mail exclusively I’m able to successfully send test emails to all email domains even gmail but not our own email domain on GSuite. I’m looking into this particular issue thinking it might be a possible problem with DKIM, SPF, & DMARC since they’re all enabled on our email domain. But there’s something else going on here since we have DMARC configured to send us rejection reports and we haven’t received anything. Which leads me to believe that if it were a hosting side error that PHP Mail would not work, so the culprit has to be google, unless PHP Mail functions differently.

I need help isolating the issue, how can I prove or disprove a possible Concrete or Hosting side problem?

Regards,
Reseda NC

Which concrete5 version are you using?

I think you have to use version 8.5.5.

With that version you can configure the HELO/EHLO domain: set it to the domain you registered in the G Suite (or Google Workspace)

Hi @mlocati, thank you for your reply. However, I’ve made some progress on this issue. As I mentioned previously I’m dealing with two distinct problems that I’m certain are related. One is when using PHP Mail, where I’m able to send emails to all domains except our own. The second is when configured to use an external SMTP server, and I’m unable to connect and encounter a “Network is unreachable” error.

Today it dawned on me that perhaps this was a DNS resolution issue, most hosting accounts take care of everything for you and typically (I believe) aren’t configured to use external services for email or DNS. So in light of this thinking I looked at the DNS records configured on the hosting account and while testing some stuff out I decided to login to webmail on the hosting account. In there I found all of my test emails bound to our email domain when configured to use the PHP mail function. For some reason requests bound for our domain are being routed internally (perhaps using their internal resolvers) versus using the public mail servers found in DNS via our MX records (at least that’s what I believe is going on). I have another support case with our hosting provider to help fix this issue.

Regarding the connectivity issue when attempting to use an external SMTP configuration, I think this is related. I’ve had several troubleshooting chats with google support and they never see any of our requests at all. While I’d prefer to use the external SMTP configuration, at this point I’ll use the PHP mail function if I can get it to work.

I’ll reply when I’ve made more progress and let you all know how it turns out.

Regards,
Reseda NC

We are using our Google Workspace (formerly known as G Suite) account to deliver emails without any issue.

Here’s how we configured it:

  1. In the Google administration panel
    1. On the left panel, choose AppsGoogle WorkspaceGmail
    2. Go to the Routing section (it’s the last one on the right ATM)
    3. In the SMTP relay service section add a new rule
      1. Allowed Senders: Only addresses in my domains
      2. Authentication: Only accept mail from the specified IP addresses
      3. IP addresses / ranges: add the IP(s) of your webserver(s)
    4. Save the rule
  2. In your website dashboard section
    1. Go to System & SettingsEmailSMTP Method
    2. Check External SMTP Server
    3. Mail server: smtp-relay.gmail.com
    4. Leave Username and Password empty
    5. Encryption: TLS
    6. Port: 587
    7. HELO domain: enter your (primary) domain you manage with Google

Please remark that the last point (mandatory) is only available since concrete5 version 8.5.5

1 Like

Hi @mlocati,

This is exactly how I have it configured, but it still fails with the below error:

The following error was found while trying to send the test email:
Could not open socket: stream_socket_client(): unable to connect to tcp://smtp-relay.gmail.com:587 (Network is unreachable)

But, HAPPY NEWS, IT’S FINALLY WORKING!!! I was right regarding what I mentioned yesterday, when using the PHP mail function it was using the internal resolver for resolution and never routing emails to google. Hosting Support switched it so that my domain/hosting account would use a Remote Mail Exchanger (External Email Server).

It’s a bummer I can’t get an external SMTP server working, but I don’t care at this point. I need to get moving on the site overall, hopefully I don’t have issues when making the switch from subdomain to main site…

I’ll chime in again if I get external SMTP working. Thanks everyone!

Regards,
Reseda NC

2 Likes